Can you trust Tor’s entry guards?

Post navigation

New research from MIT (Massachusetts Institute of Technology) shows how malicious Tor entry guards can strip away the Dark Web’s anonymity features, exposing users and the hidden websites they visit.

Tor is a sophisticated anonymity tool that can be used for browsing the regular World Wide Web or the so-called Dark Web.

On the regular web the locations of the websites are public but the Tor user is anonymous. On the Dark Web both the user and the websites they visit are anonymous and neither party knows the true IP address of the other.

That’s because between the user and the hidden service there’s a chain of computers, known as a Tor circuit, that uses encryption to hide the two ends of the connection from each other (and anyone trying to eavesdrop).

Entry guard status is bestowed upon relays in the Tor network that offer plenty of bandwidth and demonstrate reliable uptime for a few days or weeks. To become one an attacker only needs to join the network as a relay, keep their head down and wait.

Once they become an entry guard an attacker can examine the stream of data passing through their node or nodes.

Only a small proportion of that data is actually hidden services traffic and the MIT researchers’ first insight was to find characteristics that allowed them to separate that valuable stream from everything else.

... paths established through the Tor network, used to communicate with hidden services exhibit a very different behavior compared to a general circuit. We found that we can identify the users’ involvement with hidden services with more than 98% true positive rate and less than 0.1% false positive rate with the first attack.

The attacker can now focus their efforts to deanonymise users and hidden services on a much smaller amount of traffic.

The next step is to observe the traffic and identify what’s going on inside it – something the researchers achieved with technique called website fingerprinting.

Because each web page is different the network traffic it generates as it’s downloaded is different too. Even if you can’t see the content inside the traffic you can identify the page from the way it passes through the network, if you’ve seen it before.

The MIT researchers visited the home pages of a number of different hidden services and used the traffic that was generated to teach a computer program that learned to identify them.

... [the attacker] trains a supervised classifier with many identifying features of a network traffic of a website, such as the sequences of packets, size of the packets, and inter-packet timings. Using the model built from the samples, the attacker then attempts to classify the network traces of users on the live network.

Once it had been trained, the computer program was able to tell if a user was visiting a hidden site that it had learned to identify:

... we show that we can ... correctly deanonymize 50 monitored hidden service servers with true positive rate of 88% and false positive rate of 7.8% in an open world setting.

An attacker who is trying to target a specific user also needs something else; a slice of luck, a lot of patience or a data centre full of Tor relays.

That’s because when your target’s Tor browser creates a circuit it chooses an entry guard at random from a pool of a few thousand. Of course, the more entry guards you control, the luckier you can be.

The Tor project has responded to the coverage generated by the research with an article of its own written by Roger Dingledine, Tor’s project leader and one of the project’s original developers.

Dingledine uses his platform to welcome the research and to put the dangers the attack poses in to perspective.

Fingerprinting home pages is all well and good he suggests, but hidden services aren’t just home pages:

...is their website fingerprinting classifier actually accurate in practice? They consider a world of 1000 front pages, but ahmia.fi and other onion-space crawlers have found millions of pages by looking beyond front pages. Their 2.9% false positive rate becomes enormous in the face of this many pages—and the result is that the vast majority of the classification guesses will be mistakes.

So, there are certainly limits to the attack proposed in the research paper and, unlike the poisoned Tor exit nodes I wrote about last month, this attack has not been observed in the wild.

But what sets this research apart is that it only needs an entry guard.

Given the difficulty of hacking Tor, the seriousness of the crimes that it’s used to mask and the privileged position that entry guards play it would be a surprise if governments and law enforcement didn’t show a great deal of interest in them.

He used them to harvest thousands of emails and messages from embassies in Australia, Japan, Iran, India and Russia, as well as the Iranian Foreign Ministry and the Indian Ministry of Defence.

He was running exit nodes rather than entry guards but his conclusion applies to both – he was convinced (although he provided no proof of it) that governments would surely be running or spying on Tor relays too:

I am absolutely positive that I am not the only one to figure this out ... I'm pretty sure there are governments doing the exact same thing. There's probably a reason why people are volunteering to set up a node.

One comment on “Can you trust Tor’s entry guards?”

Mixed feelings about this. Sure, it’s alarming that some person/agency can simply set up a vast number of entry/exit nodes and monitor Tor traffic, but it’s even more alarming that foreign embassies would use Tor without encrypting the traffic they send first.

Even if someone controls every entry and exit node in Tor, basic encryption practices would make it a moot point. It would be the equivalent of what the NSA says it does with our cell phone records – they’d see who you’re talking to, but would have no idea what you’re saying.

So basically, what I got from this – and not to take away from it, it was a great read – is “if you don’t know how to protect your data, it could be vulnerable,” lol.